package io.github.syske.springbootjdbcmybatisdemo.controller;

import io.github.syske.springbootjdbcmybatisdemo.common.ResultObject;
import io.github.syske.springbootjdbcmybatisdemo.dao.UserDao;
import io.github.syske.springbootjdbcmybatisdemo.entity.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpSession;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

@RestController
public class LoginController {

    @Autowired
    UserDao userDao;

    @RequestMapping("api/login")
    public Object login(@RequestBody User user, HttpSession session){
        String username = user.user_name;
        String password = user.user_password;

        // 尝试从session中获取用户信息
        User userFromSession = (User) session.getAttribute("user");
        if (userFromSession != null){
            if(passwordMatches(username,password,userFromSession)){
                // 密码匹配，返回登录成功
                ResultObject resultObject = new ResultObject();
                resultObject.data = userFromSession;
                resultObject.message = "登录成功";
                return resultObject;
            }else {
                // 密码不匹配
                ResultObject resultObject = new ResultObject();
                resultObject.code = 401;
                resultObject.message = "密码输入错误";
                return resultObject;
            }
        }

        // 如果session中没有用户信息，则到数据库中查询
        Map<String,Object> map = new HashMap<>();
        map.put("user_name",username);
        map.put("user_password",password);
        List<User> list = userDao.getUserByName(map);
        User userFromDatabase = null;
        if(list !=null && list.size()>0) userFromDatabase = list.get(0);
        if (userFromDatabase != null ) {
            // 用户存在且密码匹配，将用户信息存入session
            session.setAttribute("user", userFromDatabase);
            ResultObject resultObject = new ResultObject();
            resultObject.data = userFromDatabase;
            resultObject.message = "登录成功";
            return resultObject;
        } else {
            // 用户不存在或密码不匹配
            ResultObject resultObject = new ResultObject();
            resultObject.code = 401;

            resultObject.message = "登录失败，请检查用户名密码是否正确";
            return resultObject;
        }

    }

    private boolean passwordMatches(String username,String password,User sessionUser){
        if(sessionUser.user_name.equals(username) && sessionUser.user_password.equals(password)){
            return true;
        }

        return false;
    }

    @RequestMapping("/api/logout")
    public Object logout(HttpSession session) {
        session.removeAttribute("user");
        ResultObject resultObject = new ResultObject();

        resultObject.message = "退出登录成功";
        return resultObject;
    }
}
